Medium severity6.1NVD Advisory· Published Feb 1, 2017· Updated Jun 17, 2026
CVE-2016-8961
CVE-2016-8961
Description
IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
Affected products
4cpe:2.3:a:ibm:bigfix_inventory:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:bigfix_inventory:*:*:*:*:*:*:*:*range: <=9.2
- (no CPE)
- cpe:2.3:a:ibm:license_metric_tool:9.2.0:*:*:*:*:*:*:*
- IBM Corporation/BigFix Inventoryv5Range: 9.2
Patches
Vulnerability mechanics
References
2- www.ibm.com/support/docview.wssnvdVendor Advisory
- www.securityfocus.com/bid/95128nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.